Get More from Your Web Browser

Discover your web browser's hidden talents, avoid annoyances, and search
more effectively with Take Control of Your Browser by Robyn Weisman.

Apple Developers Told 2FA for Apple ID Soon Required

Apple recently told software developers that two-factor authentication (2FA) will be required as of February 27, 2019, for Apple ID accounts used to log in to the company’s developer website, and which are used for other purposes to create identification and encryption documents. That’s a concern for some developers who haven’t enabled 2FA on the account or accounts they use for development purposes.

Apple requires that you use macOS or iOS to enable 2FA for an Apple ID, as I describe in Take Control of Your Apple ID in some detail (along with how to take steps so that you set up 2FA with the right recovery details in case you have a problem with the account or someone tries to hack into it). That requires a given Mac or iOS device has that Apple ID used as its iCloud login account.

But some developers use one or more Apple IDs for development that they don’t employ with iCloud on any device. They were left wondering how they could possibly enable 2FA, even though they can use telephone-based SMS or automated-voice codes to confirm logins after setting it up.

Fortunately, Take Control of Your Apple ID has the answer (in the section “Set up 2FA Without a Device”). Here’s a brief rundown:

  1. Set up a separate login account on a Mac, even one you don’t routinely use.
  2. Log in to iCloud via the iCloud preference pane using the Apple ID you want to upgrade to 2FA.
  3. Make sure to set at least a couple phone numbers to use as verification codes in the process of set up.

Now, whenever you log into a developer resource or any Apple site or service that requires that Apple ID, Apple will attempt to send a verification code to the macOS account you logged in with, which won’t do anything. Instead, click or tap “Didn’t get a verification code” and then you can choose to receive an SMS or voice-based code to complete the login (as explained in depth in the section “Log In with 2FA by SMS or Voice Call”).

Posted by Glenn Fleishman (Permalink)